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AMENDMENTS TO THE CLAIMS 
Please reinstate Claims 3,15, and 27 due to an error in the April 20, 2004, Advisory 
Action. 

Please amend Claims 1, 5, 6, 13, 17, 18, 25, 29, and 30, as follows: 

1 1 . (currently amended) A method of securely invoking an access control function, 

2 the method comprising the steps of: 

3 receiving a digital signature for the access control function; 

4 generating a mapping of the access control function to the digital signature; 

5 determining that the digital signature is mapped to the access control function 

6 based on the mapping when execution of the access control function is 

7 requested; 

8 generating a digital signature for a retrieved executable element: 

9 determining whether an the executable element matches the access control 

1 0 function bas e d on th e by comparing the digital signature of the executable 

11 element and the digital signature for the access control function : 

12 executing the executable element only when the executable element matches the 

13 access control function; 

14 wherein a particular class defines an implementation of the access control 

15 function; and 

16 returning data to a caller of the executable element after executing the executable 

17 element. 

18 whoroin tho method further includes the stop of detecting that an access control 

19 e v e nt has occurred; and 
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r e tri e ving th e e x e cutabl e e l e m e nt in r e spons e to d e t e cting that th e e v e nt has 
occurr e d. 

(previously presented) The method of Claim 1, 

wherein the step of receiving a digital signature includes the step of receiving a 

digital signature for the particular class; and 
wherein the step of generating a mapping includes generating a mapping between 

the particular class and the digital signature, 
(original) The method of Claim 1, 

wherein the method further includes the step of detecting that an access control 

event has occurred; and 
retrieving the executable element in response to detecting that the event has 

occurred. 

(original) The method of Claim 3, 
wherein the method further includes the steps of: 

generating a mapping between the access control event and the access 
control function; 

determining that the access control event is mapped to the access control 
function; and 

wherein the step of retrieving the executable element is performed in response to 
determining that the access control event is mapped to the access control 
function. 

(currently amended) The method of Claim [[4]] 1, wherein the step of returning 
data further includesing th e st e p of the executable element returning name-value 
pairs. 



Docket No.: 50329-0015 

(currently amended) The method of Claim [[5]] i, wherein the step of returning 
data th e ex e cutable e l e ment r e turning nam e valu e pairs includes the executable 
element returning a hash table that contains the name-value pairs, 
(original) The method of Claim 1, wherein the method further includes the 
steps of: 

generating a mapping of a plurality of access control functions to digital 

signatures, wherein the plurality of access control functions include the 
access control function, wherein one or more classes define an 
implementation for each of the plurality of access control functions; and 

wherein each of the one or more classes belong to a superclass. 

(original) The method of Claim 7, further including the step of invoking a 

routine defined by a superclass that collects data to return to a caller of the 

particular class. 

(original) The method of Claim 8, wherein the step of executing the 
executable element includes invoking a routine defined for the superclass, 
(original) The method of Claim 1, wherein the step of retrieving an 
executable element includes retrieving byte code. 

(original) The method of Claim 10, wherein the step of retrieving byte code 
includes retrieving Java byte code. 

(original) The method of Claim 1, wherein the step of retrieving an 
executable element includes a first computer system retrieving byte code 
transmitted via a local area network from a second computer system, 
(currently amended) A computer-readable medium carrying one or more 
sequences of one or more instructions for securely invoking an access control 



function, the one or more sequences of one or more instructions including 

instructions which, when executed by one or more processors, cause the one or 

more processors to perform the steps of: 

receiving a digital signature for the access control function; 

generating a mapping of the access control function to the digital signature; 

determining that the digital signature is mapped to the access control function 

based on the mapping when execution of the access control function is 

requested; 

generating a digital signature for a retrieved executable element: 
determining whether an the executable element matches the access control 

function bas e d on tho by comparing the digital signature of the executable 

element and the digital signature for the access control function : 
executing the executable element only when the executable element matches the 

access control function; and 
wherein a particular class defines an implementation of the access control 

function; and 

returning data to a caller of the executable element after executing the executable 
element. 

wh e r e in th e computer r e adable m e dium furth e r includes s e quences of instructions 
for p e rforming th e st e p of d e t e cting that an access control ev e nt has 
occurr e d; and 

r e trieving th e e xecutable e lement in r e sponse to detecting that tho ev e nt has 
occurred. 

(previously presented) The computer-readable medium of Claim 13, 



wherein the step of receiving a digital signature includes the step of receiving a 

digital signature for the particular class; and 
wherein the step of generating a mapping includes generating a mapping between 

the particular class and the digital signature, 
(original) The computer-readable medium of Claim 13, 

wherein the computer-readable medium further includes sequences of instructions 
for performing the step of detecting that an access control event has 
occurred; and 

retrieving the executable element in response to detecting that the event has 
occurred. 

(original) The computer-readable medium of Claim 15, 
wherein the computer-readable medium further includes sequences of instructions 
for performing the steps of: 

generating a mapping between the access control event and the access 
control function; 

determining that the access control event is mapped to the access control 
function; and 

wherein the step of retrieving the executable element is performed in response to 
determining that the access control event is mapped to the access control 
function. 

(currently amended) The computer-readable medium of Claim ±6 13, wherein 
the step of returning data further includesiftg sequences of instructions for 
performing the step of the executable element returning name-value pairs. 



(currently amended) The computer-readable medium of Claim ¥J- 13, wherein 
the step of returning data th e e x e cutabl e e l e m e nt r e turning nam e valu e pairs 
includes the executable element returning a hash table that contains the name- 
value pairs. 

(original) The computer-readable medium of Claim 13, wherein the 
computer-readable medium further includes sequences of instructions for 
performing the steps of: 

generating a mapping of a plurality of access control functions to digital 

signatures, wherein the plurality of access control functions include the 
access control function, wherein one or more classes define an 
implementation for each of the plurality of access control functions; and 
wherein each of the one or more classes belong to a superclass, 
(original) The computer-readable medium of Claim 19, further including 
sequences of instructions for performing the step of invoking a routine defined by 
a superclass that collects data to return to a caller of the particular class, 
(original) The computer-readable medium of Claim 20, wherein the step of 
executing the executable element includes invoking a routine defined for the 
superclass. 

(original) The computer-readable medium of Claim 13, wherein the step of 
retrieving an executable element includes retrieving byte code, 
(original) The computer-readable medium of Claim 22, wherein the step of 
retrieving byte code includes retrieving Java byte code. 



(original) The computer-readable medium of Claim 13, wherein the step of 
retrieving an executable element includes a first computer system retrieving byte 
code transmitted via a local area network from a second computer system, 
(currently amended) An access control system, comprising: 
a processor; 

a memory coupled to the processor; 

a first mapping that maps each of a set of access control functions to a digital 

signature of that access control function; 
the processor configured to retrieve an executable element in response to a 

request to execute a first access control function; 
the processor configured to generate a digital signature for a retrieved executable 

element; 

the processor configured to determine whether the executable element matches 

the access control function bas e d on tho by comparing the digital signature 
of the executable element and the digital signature for the access control 
function ; 

the processor configured to determine whether the executable element matches 
the first access control function based on the digital signature; 

the processor configured to execute the executable element when the executable 
element matches the first access control function; and 

wherein the set of access control functions are each implemented in a class; and 

the processor configured to return data to a caller of the executable element after 
executing the executable element. 

th e processor configur e d to det e ct that an access control event has occurred; and 
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22 th e proc e ssor configur e d to r e tri e ve th e e x e cutabl e e l e m e nt in response to 

23 d e t e cting that th e ev e nt has occurr e d. 

1 26. (original) The access control system of Claim 25, 

2 wherein the first mapping maps a class implementing one of the set of access 

3 control functions to a digital signature. 

1 27. (original) The access control system of Claim 25, further comprising: 

2 the processor configured to detect that an access control event has occurred; and 

3 the processor configured to retrieve the executable element in response to 

4 detecting that the event has occurred. 

1 28. (original) The access control system of Claim 27, further comprising: 

2 the processor configured to generate a mapping between the access control event 

3 and the access control function; 

4 the processor configured to determine that the access control event is mapped to 

5 the access control function; and 

6 the processor configured to retrieve the executable element in response to 

7 determining that the access control event is mapped to the access control 

8 function. 

1 29. (currently amended) The access control system of Claim 28 25, wherein the 

2 executable element returns name-value pairs as data . 

1 30. (currently amended) The access control system of Claim 29 25, wherein the 

2 executable element returns a hash table as data that contains the name-value pairs. 

1 31. (original) The access control system of Claim 25, 

2 wherein the processor is configured to generate a mapping of a plurality of access 

3 control functions to digital signatures; 
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wherein the plurality of access control functions include the access control 

function, wherein one or more classes define an implementation for each 
of the plurality of access control functions; and 

wherein each of the one or more classes belong to a superclass. 

(original) The access control system of Claim 3 1 , further comprising said 

processor configured to invoke a routine defined by a superclass that collects data 

to return to a caller of the particular class. 

(original) The access control system of Claim 32, wherein said processor is 
configured to execute the executable element by invoking a routine defined for 
the superclass. 

(original) The access control system of Claim 33, wherein said executable 
element is byte code. 

(original) The access control system of Claim 34, wherein said byte code 
includes Java byte code. 

(original) The access control system of Claim 35, wherein said processor is 
configure to retrieve an executable element by retrieving byte code transmitted 
via a local area network. 
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